On Friday 14 January 2000, at 16 h 55, the keyboard of Jeff MacDonald
<jeff(at)hub(dot)org> wrote:
> make cgi dir 711
> big deal, they can get the name of the file
> from the web, and copy it.
My CGIs sources a config file, in mode 700, only readable by 'www' (the user
which executes Apache).
I adopted this after a CGI was inadvenrdently made available on the Web, in
source form :-)
If you have CGI authors you do not trust, have two Apache, with different IDs.
> this is assuming they already have an account
> on the machine, something that cannot be ruled
> out.
Unix file protections are enough against local users.